Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EF94/5B24A5C8A6C111E98C379E0FC4F9AE02/27893FC6A76111E9A3157F5EC4F9AE02.roa
File: 27893FC6A76111E9A3157F5EC4F9AE02.roa (raw, json)
Hash identifier: tyAdsfkfX/ec+sAW3szfBo1ztQ1lh7eDtmRtcflCz4A=
Subject key identifier: E2:42:99:DB:9B:F5:D7:77:1B:9C:DB:3D:50:CC:AA:DA:82:CB:71:48
Certificate issuer: /CN=A918EF94/serialNumber=A777E4818CA0DCC6382E5625706F98C81E930720
Certificate serial: 0A83
Authority key identifier: A7:77:E4:81:8C:A0:DC:C6:38:2E:56:25:70:6F:98:C8:1E:93:07:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p3fkgYyg3MY4LlYlcG-YyB6TByA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EF94/5B24A5C8A6C111E98C379E0FC4F9AE02/27893FC6A76111E9A3157F5EC4F9AE02.roa
Signing time: Thu 03 Mar 2022 07:25:49 +0000
ROA not before: Thu 03 Mar 2022 07:25:49 +0000
ROA not after: Mon 01 May 2023 00:00:00 +0000
asID: 7645
IP address blocks: 2402:6940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2691 (0xa83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EF94/serialNumber=A777E4818CA0DCC6382E5625706F98C81E930720
Validity
Not Before: Mar 3 07:25:49 2022 GMT
Not After : May 1 00:00:00 2023 GMT
Subject: CN=62206d7d-9505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:06:e2:91:9a:b7:f1:08:9c:a3:84:bd:39:2f:
47:cc:af:52:c2:70:b5:b7:87:2b:bd:47:f9:b6:56:
f1:b0:56:03:44:0e:6d:8d:c5:2d:13:52:49:f5:5a:
ac:31:4f:f4:df:15:be:4f:0a:b3:38:b0:0e:55:14:
8c:c8:02:95:38:4d:b0:89:ab:31:14:fc:b2:d0:6e:
3f:ff:81:2d:5b:20:59:d0:bc:4a:58:f6:10:5d:e5:
2f:e2:3c:94:78:11:26:f3:3b:b4:db:75:32:41:35:
4a:4d:8c:8d:2b:06:ef:d4:62:d2:7b:a9:37:4a:d8:
c6:70:9f:a7:81:74:74:72:69:86:a4:1d:9c:60:19:
67:63:84:26:86:49:84:de:a2:5f:88:05:9d:d7:ba:
71:e4:5b:44:64:79:42:73:a7:7c:14:e1:29:cc:e2:
3f:e0:a7:62:ec:4d:0e:81:2c:23:26:dc:a7:8e:ee:
9a:1c:f3:11:c1:bf:48:ef:4b:3c:35:36:a2:4d:be:
e2:03:e8:80:e1:7e:c3:32:86:10:b5:19:6d:eb:a7:
04:59:b4:71:e4:b4:fd:52:7d:43:e4:86:04:1a:49:
4f:e3:55:fd:34:37:89:07:fe:0b:de:6f:59:d1:9f:
0e:e5:9f:de:bd:4d:f7:4a:3a:74:fc:e6:f7:b7:ea:
60:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:42:99:DB:9B:F5:D7:77:1B:9C:DB:3D:50:CC:AA:DA:82:CB:71:48
X509v3 Authority Key Identifier:
keyid:A7:77:E4:81:8C:A0:DC:C6:38:2E:56:25:70:6F:98:C8:1E:93:07:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EF94/5B24A5C8A6C111E98C379E0FC4F9AE02/p3fkgYyg3MY4LlYlcG-YyB6TByA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/p3fkgYyg3MY4LlYlcG-YyB6TByA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EF94/5B24A5C8A6C111E98C379E0FC4F9AE02/27893FC6A76111E9A3157F5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:6940::/32
Signature Algorithm: sha256WithRSAEncryption
33:d3:f3:ac:d3:df:ea:c6:c2:1a:3e:bc:a3:1c:aa:14:82:e3:
1e:9a:d2:bf:7e:84:f4:8e:e7:44:bd:93:04:cf:24:4f:1b:26:
80:44:bc:cd:5e:68:94:a2:2e:a0:ba:e5:4a:3b:ab:0e:dc:95:
22:de:61:66:75:1b:b1:f8:82:ae:02:cd:f0:4d:d6:60:54:49:
01:f6:24:47:b0:04:fc:aa:80:14:fc:e8:f6:6c:16:3f:84:3c:
0b:4d:da:86:38:5d:ab:b4:57:94:2d:bf:6c:cd:f0:f2:fb:4c:
7f:de:52:9c:de:08:d8:57:cd:93:fa:6e:fd:55:6f:b4:fd:9b:
7c:22:9d:23:fe:99:0d:57:d5:c7:f6:d1:f3:37:95:ef:26:80:
1d:31:dc:1e:29:e9:e3:c4:39:7d:42:c4:cd:cc:67:ef:d4:82:
f2:99:6e:d2:80:98:dd:65:5a:c6:1e:fb:8d:c5:7c:97:6b:db:
3f:fd:57:ff:90:bf:9f:7e:35:43:aa:a3:0a:fe:a7:cf:4c:cc:
bd:53:a2:e1:77:4e:f7:d6:a3:71:1d:0e:6f:fb:75:de:41:7c:
84:f1:3c:fe:40:63:8d:42:4c:90:af:8e:f3:59:99:f8:fe:25:
a7:c3:13:29:35:8c:a0:e1:e1:05:82:79:19:58:bc:bf:50:68:
2d:e9:31:28
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICCoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVGOTQxMTAvBgNVBAUTKEE3NzdFNDgxOENBMERDQzYzODJFNTYyNTcwNkY5OEM4
MUU5MzA3MjAwHhcNMjIwMzAzMDcyNTQ5WhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjIwNmQ3ZC05NTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApgbikZq38Qico4S9OS9HzK9SwnC1t4crvUf5tlbxsFYDRA5tjcUtE1JJ9Vqs
MU/03xW+TwqzOLAOVRSMyAKVOE2wiasxFPyy0G4//4EtWyBZ0LxKWPYQXeUv4jyU
eBEm8zu023UyQTVKTYyNKwbv1GLSe6k3StjGcJ+ngXR0cmmGpB2cYBlnY4QmhkmE
3qJfiAWd17px5FtEZHlCc6d8FOEpzOI/4Kdi7E0OgSwjJtynju6aHPMRwb9I70s8
NTaiTb7iA+iA4X7DMoYQtRlt66cEWbRx5LT9Un1D5IYEGklP41X9NDeJB/4L3m9Z
0Z8O5Z/evU33Sjp0/Ob3t+pgSwIDAQABo4ICljCCApIwHQYDVR0OBBYEFOJCmdub
9dd3G5zbPVDMqtqCy3FIMB8GA1UdIwQYMBaAFKd35IGMoNzGOC5WJXBvmMgekwcg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RUY5NC81QjI0QTVDOEE2
QzExMUU5OEMzNzlFMEZDNEY5QUUwMi9wM2ZrZ1l5ZzNNWTRMbFlsY0ctWXlCNlRC
eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3AzZmtnWXlnM01ZNExsWWxjRy1ZeUI2VEJ5QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVGOTQvNUIyNEE1QzhBNkMxMTFFOThDMzc5RTBGQzRGOUFFMDIvMjc4OTNGQzZB
NzYxMTFFOUEzMTU3RjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAmlAMA0GCSqGSIb3DQEBCwUAA4IBAQAz0/Os09/qxsIa
PryjHKoUguMemtK/foT0judEvZMEzyRPGyaARLzNXmiUoi6guuVKO6sO3JUi3mFm
dRux+IKuAs3wTdZgVEkB9iRHsAT8qoAU/Oj2bBY/hDwLTdqGOF2rtFeULb9szfDy
+0x/3lKc3gjYV82T+m79VW+0/Zt8Ip0j/pkNV9XH9tHzN5XvJoAdMdweKenjxDl9
QsTNzGfv1ILymW7SgJjdZVrGHvuNxXyXa9s//Vf/kL+ffjVDqqMK/qfPTMy9U6Lh
d0731qNxHQ5v+3XeQXyE8Tz+QGONQkyQr47zWZn4/iWnwxMpNYyg4eEFgnkZWLy/
UGgt6TEo
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:58 2023 by rpki-client on console-fra.rpki-client.org